<?php
require_once 'config.inc';
require_once('_db.inc');
require_once('_ui.inc');
require_once '_customer.inc';
require_once '_common.inc';

// Create a database connection
$conn = db_connect(CUSTOMER_DB_USER, CUSTOMER_DB_PASSWORD);

 ui_print_header('Customer - Reveal ID strings');
 	
 echo "I've got a blind Signature<BR></br>";
 echo "Unblind Signature...<BR></br>";
 //get r
 //echo 'SELECT r FROM mo_detail_customer where BATCH=' .$_POST['batch']. ' and mo_n=' .$_POST['chosen'];
 $Rs = db_do_query($conn,'SELECT r, val FROM mo_detail_customer where BATCH=' .$_POST['batch']. ' and mo_n=' .$_POST['chosen']);
 
 //unblind signature
 $signedMO = unblind($_POST[signedMO],$Rs[0][R],MODULUS);

echo "Bank Sigature: " . $signedMO . "<BR>";
 
$sql = "update mo_detail_customer set BANK_SIG='" .$signedMO ."' where BATCH=" .$_POST['batch']. " and mo_n=" .$_POST['chosen'];
//echo $sql;
$stmt = oci_parse($conn, $sql);
oci_execute($stmt);	

	
			$balance = db_do_query($conn,"SELECT BALANCE FROM c_account");
			echo "<br>I have successfully bought this money order valued \$" .$Rs[0][VAL] ."<br><br>";
			echo "My account balance is now: $" .$balance[0][BALANCE] ."</br>";
oci_close($conn);
			

?>
<HTML><BODY>

<BR>
<BR>
<form action="./4.php">
<input type="submit" value="Go to the Store">
</form>
<BR>
<form action="./4C.php">
<input type="submit" value="Go to another Store (to cheat!)">
</form>
<br>
<?php
ui_print_footer(date('Y-m-d H:i:s'));
?>
</BODY></HTML>